Snort mailing list archives
Re: router installation?
From: Jose Maria Lopez <jkerouac () bgsec com>
Date: 04 Oct 2004 20:08:27 +0200
El dom, 03 de 10 de 2004 a las 21:26, Magnus Ternström escribió:
Hi, I'm thinking about giving the pig a try on my firewalls but i need to know if snort supports running on a linux router with multiple NIC's. One has 5 networks in production enviroment. Why im asking is that all the guides tell me to specify _one_ "home net" with -h switch. Any hints and ideas are welcome. Kind regards, Magnus - Snort newbie
Yes, you can. You have some options. You can use any number of interfaces with Linux using the name "any" for the interface in snort, and I think also that you can use the notation eth+ to use eth0, eth1, etc. With this notation and the feature of the command "ip" to change the name of the interfaces you can specify a group of interfaces in snort. The HOME_NET variable can have any number of networks, there's no problem there. And you can also have a snort session for each interface, with it's own configuration files, all running in the same machine and even logging to the same database. -- Jose Maria Lopez Hernandez Director Tecnico de bgSEC jkerouac () bgsec com bgSEC Seguridad y Consultoria de Sistemas Informaticos http://www.bgsec.com ESPAÑA The only people for me are the mad ones -- the ones who are mad to live, mad to talk, mad to be saved, desirous of everything at the same time, the ones who never yawn or say a commonplace thing, but burn, burn, burn like fabulous yellow Roman candles. -- Jack Kerouac, "On the Road" ------------------------------------------------------- This SF.net email is sponsored by: IT Product Guide on ITManagersJournal Use IT products in your business? Tell us what you think of them. Give us Your Opinions, Get Free ThinkGeek Gift Certificates! Click to find out more http://productguide.itmanagersjournal.com/guidepromo.tmpl _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- router installation? Magnus Ternström (Oct 03)
- Re: router installation? Jason (Oct 03)
- Re: router installation? Jason Haar (Oct 04)
- Re: router installation? Jason (Oct 04)
- Re: router installation? Alex Butcher, ISC/ISYS (Oct 05)
- Re: router installation? Jason Haar (Oct 04)
- Re: router installation? Jose Maria Lopez (Oct 04)
- Re: router installation? Jason (Oct 03)